Damballa has issued its threat report for the first half of 2011 and says that “it looks to be another big year for Internet crime”.
The report focuses primarily on botnets, which operate by installing malware and then remotely controlling computers. These can be used to steal financial information and to perform DDoS attacks on businesses operating through the web.
During the course of the first half of 2011, many new botnets have come into being and these are often “multi-purpose” in that they can be used for a number of criminal activities.
The most prevalent botnet was “OneStreetTroop”; according to the report, this “malware is now more powerful and capable than ever” in launching fraud campaigns.
The botnet relies on the SpyEye construction kit and combines “the best of both crimeware development kits into a single commercial package”.
Botnets such as these represent the biggest threat to home users and small businesses, especially those who don’t deploy multiple levels of security protection.
Many of the biggest botnets don’t get picked up by AV products, as they have successfully developed ways to break through protection and infect a computer. It is therefore important to have more than one solution in place to avoid an attack.
Botnets actively communicate with one or more controllers, and the number of victim machines participating in criminal campaigns has risen by 18% this year to 41.5% of machines actively involved in two or more botnet operations.
The research also looked at mobile devices for the first time; we have frequently reported of late that malware attacks on these devices are on the rise. It was found that a number of devices were actively communicating with criminal servers.
However, the report suggests that these can be controlled by mobile operators who have the ability to remove apps and remotely wipe suspect files from a device.
Whilst the biggest threat to mobile devices has traditionally been thought to be premium SMS scams and the like, Damballa says that they can now be opened up to “all the same campaigns and crimes as their deskbound brethren”.
Damballa states that the only way to begin to combat this kind of cybercrime is to stay ahead of the threat. The firm suggests that this is achievable through constant research that helps security consultants to understand how botnets are developed and maintained.